CN110545175B - Security authentication method for communication protocol of charging pile and electric vehicle - Google Patents


Info

Publication number
CN110545175B
Authority
CN
China
Prior art keywords
message
data
charging pile
management system
battery management
Prior art date
Legal status
Active
Application number
CN201910781588.1A
Other languages
Chinese (zh)
Other versions
CN110545175A (en)
Inventor
徐江珮
王晋
刘畅
喻潇
王捷
周亮
田里
龙凤
Current Assignee
State Grid Corp of China SGCC
Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Priority date
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Priority to CN201910781588.1A
Publication of CN110545175A
Application granted
Publication of CN110545175B
Legal status: Active
Anticipated expiration

Classifications

    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60L PROPULSION OF ELECTRICALLY-PROPELLED VEHICLES; SUPPLYING ELECTRIC POWER FOR AUXILIARY EQUIPMENT OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRODYNAMIC BRAKE SYSTEMS FOR VEHICLES IN GENERAL; MAGNETIC SUSPENSION OR LEVITATION FOR VEHICLES; MONITORING OPERATING VARIABLES OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRIC SAFETY DEVICES FOR ELECTRICALLY-PROPELLED VEHICLES
    • B60L53/00 Methods of charging batteries, specially adapted for electric vehicles; Charging stations or on-board charging equipment therefor; Exchange of energy storage elements in electric vehicles
    • B60L53/60 Monitoring or controlling charging stations
    • B60L53/66 Data transfer between charging stations and vehicles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00 Arrangements for detecting or preventing errors in the information received
    • H04L1/004 Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056 Systems characterized by the type of code used
    • H04L1/0061 Error detection codes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L2012/40208 Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215 Controller Area Network CAN
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Transportation (AREA)
  • Mechanical Engineering (AREA)
  • Charge And Discharge Circuits For Batteries Or The Like (AREA)
  • Electric Propulsion And Braking For Vehicles (AREA)

Abstract

The invention provides a security authentication method for the communication protocol between a charging pile and an electric vehicle, comprising the following specific steps: S1, in the charging handshake stage, the charging pile and the battery management system of the electric vehicle obtain the same shared seed based on an ECDH shared seed exchange strategy; S2, the charging pile and the electric vehicle battery management system take the shared seed value as input to generate the same message authentication code, which is added to the data message and transmitted to the charging pile for verification; S3, for non-data messages whose data fields are strictly specified and leave no spare space for a message authentication code, a random number is added and checked instead, completing the verification of the non-data messages; and S4, verifying both the data messages and the non-data messages completes the security authentication of the communication protocol between the charging pile and the electric vehicle. The invention provides an authentication method for the communication protocol of the charging pile that can resist replay attacks and man-in-the-middle attacks.

Description

Security authentication method for communication protocol between charging pile and electric vehicle
Technical Field
The invention belongs to the field of industrial control Internet of Things, and particularly relates to a security authentication method for the communication protocol between a charging pile and an electric vehicle.
Background
Andreea-Ina Radu et al. proposed in 2015 the lightweight CAN authentication protocol LeiA, in which identity authentication between the ECUs on a vehicle is allowed, so that the network can resist various attacks. LibrA-CAN and CANAuth are two lightweight authentication protocols for CAN; both use the CAN+ protocol proposed by Tobias Ziermann et al. in 2009, which builds on the existing CAN bus structure and sends data in the time gaps when the CAN nodes on the bus are not in the monitoring state, thereby improving the data transmission efficiency; the maximum transmission efficiency can be increased by 16 times. Bogdan Groza et al. proposed in 2013 a secure broadcast authentication protocol for the CAN bus, which improves the broadcast mechanism of CAN based on a known key chain and a time synchronization specification at the CAN application layer and then applies encrypted authentication in the CAN network; although security is increased, the communication delay of the bus is inevitably increased as well. Because the CAN protocol lacks an identity authentication mechanism, if an attacker connects a malicious node to the CAN bus and broadcasts a message, the charging pile does not verify whether the identity of the message source is legitimate, and the message can be received and processed as long as it meets the specification. Samuel Woo et al. proposed in 2015 an attack model that actually attacks a vehicle CAN network using a malicious smartphone application in a connected-vehicle environment; after summarizing the weaknesses of the vehicle CAN network, they designed a security protocol for the vehicle CAN network and its applications. That scheme uses the Advanced Encryption Standard (AES) algorithm and a Message Authentication Code (MAC) to encrypt and authenticate CAN data frames, and uses a random number and a counter to update the key in order to maintain freshness.
Disclosure of Invention
The charging pile compares the message authentication code it generates itself with the message authentication code carried in the received message, and verification passes only when the two are consistent. This scheme enables the charging communication protocol to resist replay attacks and man-in-the-middle attacks.
The technical scheme of the invention is as follows:
A security authentication method for the communication protocol between a charging pile and an electric vehicle comprises the following specific steps:
S1, in the charging handshake phase, the charging pile and the electric vehicle battery management system obtain the same shared seed based on an ECDH shared seed exchange strategy;
S2, the charging pile and the electric vehicle battery management system take the shared seed value as input to generate the same message authentication code, which is added to the data message and transmitted to the charging pile for verification;
S3, for non-data messages whose data fields are strictly specified and leave no spare space for a message authentication code, a random number is added and checked instead, completing the verification of the non-data messages;
and S4, verifying both the data messages and the non-data messages completes the security authentication of the communication protocol between the charging pile and the electric vehicle.
In step S1, the ECDH-based shared seed exchange strategy includes the following steps:
Step 1: select a secure elliptic curve $E$ over the finite field $GF(P)$ and select a base point $G$;
Step 2: the charging pile generates a random number $r_A$, multiplies the base point $G$ by it to obtain $Q_A = r_A G$, and sends $Q_A$ to the electric vehicle battery management system;
Step 3: the electric vehicle battery management system generates a random number $r_B$, multiplies the base point $G$ by it to obtain $Q_B = r_B G$, and sends $Q_B$ to the charging pile;
Step 4: after receiving $Q_A$, the electric vehicle battery management system performs the point multiplication with $r_B$ to obtain the shared seed $S = r_B Q_A$;
Step 5: after receiving $Q_B$ sent by the electric vehicle battery management system, the charging pile performs the point multiplication with $r_A$ to obtain the shared seed $S = r_A Q_B$.
After these steps, the charging pile and the electric vehicle battery management system hold the same shared seed $S = r_A r_B G$.
The method of adding the message authentication code to the data message in step S2 includes two ways of storing it: splitting the data field, and using the cyclic redundancy check (CRC) field.
The method of storing the message authentication code in the split data field comprises the following steps:
the original 64-bit data field of the CAN extended frame is divided into two 32-bit spaces;
the first 32 bits of the data field still store data, and the second 32 bits store the message authentication code, which is 4 bytes long.
The method of storing the message authentication code in the cyclic redundancy check field comprises the following steps:
the original 32-bit message authentication code is split evenly into two parts, and the front 16-bit MAC and the rear 16-bit MAC are stored separately in consecutive CAN data frames;
the R bit and the DP bit of the CAN data frame serve as identifiers: when the two bits are 11, the communication message continues to be received, and when the two bits are 10, the two newly received frames are verified;
the MACs of the two frames are extracted, merged and verified.
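The two-frame CRC-field storage can be modelled in a few lines. This is an added example, not the patent's code: a frame is a small dict whose crc entry is treated as an application-writable 16-bit slot (as the patent describes it, rather than the controller-generated CRC of a standard CAN frame), and the R/DP bits are carried as a two-character flag. Assumed details are that the 32-bit MAC is computed over the payloads of both frames together with the seed S, the random number R and a per-pair counter, and that the hash is SHA-256 cut to 4 bytes, as in the embodiment.

```python
import hashlib
import hmac


def mac32(data, seed, R, count):
    """Hash(data || S || R || count), SHA-256 cut to 32 bits (as in the embodiment)."""
    return hashlib.sha256(data + seed + R + count.to_bytes(4, "big")).digest()[:4]


def build_frame_pair(data1, data2, seed, R, count):
    """Sender side: one 32-bit MAC over two 8-byte payloads, split 16/16 across the
    CRC fields of two consecutive frames. R/DP bits: '11' = keep receiving,
    '10' = the pair is complete, verify now."""
    assert len(data1) == 8 and len(data2) == 8
    mac = mac32(data1 + data2, seed, R, count)
    return [{"data": data1, "crc": mac[:2], "r_dp": "11"},
            {"data": data2, "crc": mac[2:], "r_dp": "10"}]


class PairVerifier:
    """Receiver side: buffers frames until the R/DP bits read '10', then merges and checks."""

    def __init__(self, seed, R):
        self.seed, self.R, self.count = seed, R, 0
        self.pending = []

    def on_frame(self, frame):
        """Returns None while collecting, True/False once a pair has been checked."""
        self.pending.append(frame)
        if frame["r_dp"] == "11":
            return None
        pair, self.pending = self.pending, []        # take the buffered pair, resync
        if frame["r_dp"] != "10" or len(pair) != 2:
            return False                             # malformed sequence: reject
        f1, f2 = pair
        expected = mac32(f1["data"] + f2["data"], self.seed, self.R, self.count)
        ok = hmac.compare_digest(expected, f1["crc"] + f2["crc"])   # constant-time compare
        if ok:
            self.count += 1                          # advance only on a verified pair
        return ok
```

The verifier keeps its own counter rather than trusting anything in the frames, so a pair captured earlier and fed in again fails the check because the counter has moved on, and a pair whose second frame never arrives is simply discarded when the next '10' frame closes the buffer.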
The verification method for data packets carrying the message authentication code in step S2 specifically includes the following steps:
a: when the electric vehicle battery management system sends a multi-frame message, it first sends a request-to-send message to establish a virtual connection with the charging pile;
b: after receiving the request-to-send message, the charging pile system generates a 32-bit random number R, adds R into a reserved bit of the ready-to-send message, and sends the newly constructed ready-to-send message to the electric vehicle battery management system;
c: after receiving the ready-to-send message, the electric vehicle battery management system extracts the random number R it contains and calculates its own message authentication code MacB = Hash(data || S || R || countB); in the data frame to be sent next, the newly generated MacB is placed in the rear 32 bits of the CAN data frame data field, and the data frame carrying the message authentication code is constructed and sent to the charging pile; each time a data frame carrying a message authentication code is sent, the counter countB is updated as countB++; after the update, it is confirmed whether all data frames have been sent, and if not, the new counter countB is substituted into the calculation formula of the message authentication code to obtain a new MacB, repeating until all data frames have been sent;
d: when the charging pile receives a data frame carrying a message authentication code, the counter countA is incremented by 1, then the message authentication code MacB and the message data contained in the data frame are extracted, the charging pile's own message authentication code MacA = Hash(data || S || R || countA) is calculated and compared with the current MacB; if MacA = MacB holds, it is judged whether the received data frame is the last frame, and if not, data messages continue to be received; if it does not hold, the current identity verification fails; after confirming that all data frames have been received, a new seed value newS = Hash(S || R || countA) is calculated, and the counter value countA is placed in a reserved bit of the end-response message and sent to the electric vehicle battery management system;
e: after the electric vehicle battery management system confirms that all data frames have been sent, it calculates a new shared seed value newS, wherein the calculation formula is as follows: when receiving the end-response message, the electric vehicle battery management system extracts the counter countA it contains and compares whether the counter values are the same, that is, whether countA = countB holds; if so, identity authentication has passed and both sides update the seed value S = newS; if not, the information on the two sides is not synchronized, the counter countB needs to be set to 0, and the authentication process is restarted.
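Steps a to e, as an added Python model (not the patent's C/OpenSSL implementation). Assumptions made here: the Hash is SHA-256 cut to 32 bits, as the embodiment states; the 64-bit data field carries 4 bytes of payload followed by the 4-byte MacB (the split-data-field storage); both counters start at 0 and each side advances its counter after computing (sender) or successfully verifying (receiver) a frame, so that countA and countB agree at the end-response check; S is a 32-byte value and R is the 4-byte random number of step b. Class and function names are this example's own.

```python
import hashlib
import hmac
import secrets


def mac32(data, seed, R, count):
    """Message authentication code Hash(data || S || R || count), SHA-256 cut to 32 bits."""
    h = hashlib.sha256(data + seed + R + count.to_bytes(4, "big")).digest()
    return h[:4]


def new_seed(seed, R, count):
    """newS = Hash(S || R || count), derived by both sides after a completed round."""
    return hashlib.sha256(seed + R + count.to_bytes(4, "big")).digest()


class Bms:
    """Electric vehicle battery management system: sender of the multi-frame message."""

    def __init__(self, seed):
        self.seed, self.countB, self.R = seed, 0, None

    def on_ready_to_send(self, R):
        self.R, self.countB = R, 0            # R taken from the ready-to-send reserved bits

    def build_frames(self, chunks):
        frames = []
        for chunk in chunks:                  # each chunk is the 32-bit payload half
            assert len(chunk) == 4
            frames.append(chunk + mac32(chunk, self.seed, self.R, self.countB))
            self.countB += 1                  # countB++ after every authenticated frame
        return frames

    def on_end_response(self, countA):
        if countA != self.countB:             # counters out of step: restart authentication
            self.countB = 0
            return False
        self.seed = new_seed(self.seed, self.R, countA)   # S = newS
        return True


class Pile:
    """Charging pile: receiver and verifier."""

    def __init__(self, seed):
        self.seed, self.countA, self.R = seed, 0, None

    def on_request_to_send(self):
        self.R, self.countA = secrets.token_bytes(4), 0   # fresh 32-bit R per round
        return self.R

    def verify_frame(self, frame):
        data, macB = frame[:4], frame[4:]
        macA = mac32(data, self.seed, self.R, self.countA)
        if not hmac.compare_digest(macA, macB):          # constant-time comparison
            return False
        self.countA += 1
        return True

    def end_response(self):
        """After the last frame: derive newS and report countA in the end-response message."""
        self.seed = new_seed(self.seed, self.R, self.countA)
        return self.countA


def run_round(chunks, seed):
    """One full multi-frame round; returns (frames_ok, auth_passed, seeds_match)."""
    bms, pile = Bms(seed), Pile(seed)
    bms.on_ready_to_send(pile.on_request_to_send())         # steps a and b
    frames = bms.build_frames(chunks)                       # step c
    frames_ok = all(pile.verify_frame(f) for f in frames)   # step d
    auth_passed = bms.on_end_response(pile.end_response())  # step e
    return frames_ok, auth_passed, bms.seed == pile.seed


def replay_and_tamper(seed):
    """What the verifier does with a genuine, a replayed and a modified frame."""
    bms, pile = Bms(seed), Pile(seed)
    bms.on_ready_to_send(pile.on_request_to_send())
    frame = bms.build_frames([b"\x01\x02\x03\x04"])[0]
    first = pile.verify_frame(frame)                        # genuine frame: accepted
    replayed = pile.verify_frame(frame)                     # same frame again: countA moved on
    altered = bytes([frame[0] ^ 0x80]) + frame[1:]
    tampered = pile.verify_frame(altered)                   # payload bit flipped: MAC mismatch
    return first, replayed, tampered
```

The point to notice is that freshness comes from two places at once: R is new for every round, and the counter is new for every frame within a round, so neither an old round's frames nor a repeated frame from the current round can be accepted. The end-response check of countA against countB is what lets both sides detect that a frame was dropped or rejected before they commit to the new seed.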
In step S3, the authentication of the non-data packets specifically includes analyzing the security threats to three non-data packets, namely the request-to-send packet, the ready-to-send packet and the end-response packet, and comprises the following steps:
a: the charging pile generates a random number x of length 1 byte, substitutes x into a mathematical equation of certain complexity to calculate y, whose length is also 1 byte, splices the random number x and the calculated y of each round into a random number r, adds the random number r into a reserved position of the ready-to-send message, and sends it to the electric vehicle battery management system;
b: the electric vehicle battery management system splits the random number r into x and y and substitutes them into the same mathematical equation to verify the correctness of r; if r is verified to be correct, it is judged whether r has appeared among the random numbers already used; if so, a replay attack is detected and the electric vehicle battery management system does not accept the message; if not, the message passes verification and the value of the random number r is recorded at the same time.
The mathematical equation of certain complexity is ax + by = c, where the parameters a, b and c are determined by the shared seed S; after one round of multi-frame message transmission is completed, the value of S is updated, and the corresponding values of a, b and c are updated accordingly.
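Steps a and b with the equation ax + by = c, as an added Python example (not the patent's code; it also covers the protection scheme described under "Authentication of non-data messages using random numbers" in the embodiment). Assumptions: the arithmetic is taken modulo 256 so that y fits in one byte; a and b are forced odd so that b is invertible modulo 256 and every x yields exactly one y; a, b and c are derived from S by hashing it, since the patent only says they are "determined by" S. The used-value set is the BMS's record of random numbers already seen under the current seed.

```python
import hashlib
import secrets

MOD = 256   # x and y are one byte each, so the equation is evaluated modulo 256 (assumption)


def params_from_seed(seed):
    """Derive a, b, c from the shared seed S (assumed derivation: bytes of SHA-256(S)).
    a and b are forced odd so that they are invertible modulo 256."""
    h = hashlib.sha256(seed).digest()
    return h[0] | 1, h[1] | 1, h[2]


def make_r(seed, x=None):
    """Charging pile, step a: random 1-byte x, solve a*x + b*y = c for y, return r = x || y."""
    a, b, c = params_from_seed(seed)
    if x is None:
        x = secrets.randbelow(MOD)
    y = (c - a * x) * pow(b, -1, MOD) % MOD      # b is odd, so the inverse exists
    return bytes([x, y])


def check_r(seed, r, used):
    """BMS, step b. Returns (accepted, replay_detected); records an accepted r in `used`."""
    a, b, c = params_from_seed(seed)
    x, y = r[0], r[1]
    if (a * x + b * y) % MOD != c:
        return False, False          # does not satisfy the equation: not built from this S
    if r in used:
        return False, True           # already seen under this seed: replay
    used.add(r)
    return True, False


def rotate_seed(seed, R, count):
    """After a multi-frame round S changes (newS = Hash(S || R || count) in step d),
    so a, b, c change with it; the record of used values starts fresh for the new epoch."""
    return hashlib.sha256(seed + R + count.to_bytes(4, "big")).digest(), set()
```

Two properties of this construction are worth keeping in mind when reading the claim. With a one-byte x there are at most 256 distinct values of r per seed epoch, so the used set fills quickly and the seed rotation after each multi-frame round is what keeps the scheme alive. And the equation check alone establishes only that r was produced under the current S; it is the used-set lookup, not the equation, that provides the replay detection.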
Compared with the prior art, the beneficial effects of the invention are as follows: based on the ECDH shared seed exchange strategy, the charging pile and the electric vehicle obtain the same shared seed, which is used to generate the message authentication code. Both parties generate the MAC in the same way; the electric vehicle BMS puts the MAC into the data message and sends it to the charging pile, and the charging pile judges the authenticity of the MAC in order to detect whether it is under attack. For the three non-data messages in the multi-frame transmission mechanism that cannot carry a MAC, analysis shows that the ready-to-send message is exposed to the threat of having the communication connection torn down when it suffers a replay attack, and a method of verifying the legitimacy of the message with a random number is provided. The invention provides an authentication method for the communication protocol of the charging pile that can resist replay attacks and man-in-the-middle attacks.
Drawings
Fig. 1 is an overall flowchart of the security authentication scheme of the present invention.
Fig. 2 is a diagram of an ECDH-based shared seed exchange strategy in the charging handshake phase of the present invention.
Fig. 3 is a flow chart of the present invention for authenticating a data message using a message authentication code.
Fig. 4 shows the method of storing the MAC in the split data field of a data frame according to the present invention.
Fig. 5 shows the method of storing the MAC in the CRC field of a data frame according to the present invention.
Fig. 6 is a security threat analysis of non-data messages and a proposed method for authentication using random numbers in accordance with the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is the overall flow chart of the authentication scheme. The whole process is divided into 4 parts: obtaining the shared seed in the charging handshake phase, verifying multi-frame messages with a MAC verification mechanism, and providing protective measures against the security threats to non-data messages.
The specific implementation of the key parts in the first embodiment is described as follows:
1. Shared seed exchange strategy
Fig. 2 is the flow chart of the shared seed exchange strategy. In this process the experimental environment uses the OpenSSL library, and the development is done in C. Parameters are set according to the elliptic curve used, a random number is generated, and the random number is multiplied by the base point to obtain a new point that can be regarded as the public key. Finally, the two parties exchange public keys and multiply the received public key by their own random number to obtain the shared seed. The shared seed is calculated in the same way in the charging pile program and in the BMS program.
2. Authentication scheme for data message
Fig. 3 shows the authentication mechanism for data messages. In the scheme, the charging pile and the electric vehicle BMS take the data of the communication message, the random number R generated by the charging pile, the shared seed S and a counter as the input of a hash function to generate the message authentication code. An interface function is called to send out the data frame carrying the message authentication code. The charging pile generates the message authentication code in the same way and checks whether the message authentication code of the received message is correct. After one round of multi-frame message transmission is finished, the shared seed value needs to be updated.
In the embodiment, CAN data frames are sent and received through the interface functions VCI_Transmit and VCI_Receive of a CANalyst-II analyzer. The CAN data frame is constructed with the structure VCI_CAN_OBJ, through which the message authentication code and the random number are also added. The hash function is SHA256, and the 256 bits it generates are cut down to a 32-bit message authentication code.
3. Storing the MAC in a split data field
As shown in Fig. 4, the message authentication code is placed in the last 32 bits of the data field, and the first 32 bits store the message sequence number and the data.
In the embodiment, the structure VCI_CAN_OBJ defines the data field, and its last 4 bytes are defined as the message authentication code.
4. Storing the MAC in the CRC field
As shown in Fig. 5, the CRC field of the CAN data frame is used to store the message authentication code. The original 4-byte message authentication code is split into two 2-byte parts, which are placed separately in the CRC fields of two consecutive frames; an even-frame check is used, so the check is performed once every two frames by extracting the two halves of the message authentication code, merging them and authenticating.
5. Authentication of non-data messages using random numbers
Fig. 6 shows the security threat analysis and the protection scheme for the three non-data packets. The existing security threat is that an attacker repeatedly transmits the ready-to-send message, so that the communication connection between pile and vehicle is closed and the normal communication process is disrupted. The protection scheme is as follows: a random number of length 2 bytes is added to a reserved bit of the ready-to-send message, both communicating parties record the random numbers already used, and if a newly received message carries a previously used random number it is treated as a replay attack. The random number R must be kept updated throughout.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (1)

1. A security authentication method for the communication protocol between a charging pile and an electric vehicle, characterized by comprising the following specific steps:
S1, in the charging handshake phase, the charging pile and the electric vehicle battery management system obtain the same shared seed based on an ECDH shared seed exchange strategy;
S2, the charging pile and the electric vehicle battery management system take the shared seed value as input to generate the same message authentication code, which is added to the data message and transmitted to the charging pile for verification;
S3, for non-data messages whose data fields are strictly specified and leave no spare space for a message authentication code, a random number is added and checked instead, completing the verification of the non-data messages;
S4, verifying both the data messages and the non-data messages to complete the security authentication of the communication protocol between the charging pile and the electric vehicle;
in step S1, the ECDH-based shared seed exchange strategy includes the following steps:
Step 1: select a secure elliptic curve $E$ over the finite field $GF(P)$ and select a base point $G$;
Step 2: the charging pile generates a random number $r_A$, multiplies the base point $G$ by it to obtain $Q_A = r_A G$, and sends $Q_A$ to the electric vehicle battery management system;
Step 3: the electric vehicle battery management system generates a random number $r_B$, multiplies the base point $G$ by it to obtain $Q_B = r_B G$, and sends $Q_B$ to the charging pile;
Step 4: after receiving $Q_A$, the electric vehicle battery management system performs the point multiplication with $r_B$ to obtain the shared seed $S = r_B Q_A$;
Step 5: after receiving $Q_B$ sent by the electric vehicle battery management system, the charging pile performs the point multiplication with $r_A$ to obtain the shared seed $S = r_A Q_B$;
after these steps, the charging pile and the electric vehicle battery management system hold the same shared seed $S = r_A r_B G$;
the method of adding the message authentication code to the data message in step S2 includes two ways of storing it: splitting the data field, and using the cyclic redundancy check (CRC) field;
the method of storing the message authentication code in the split data field comprises the following steps:
the original 64-bit data field of the CAN extended frame is divided into two 32-bit spaces;
the first 32 bits of the data field still store data, and the second 32 bits store the message authentication code, which is 4 bytes long;
the method of storing the message authentication code in the cyclic redundancy check field comprises the following steps:
the original 32-bit message authentication code is split evenly into two parts, and the front 16-bit MAC and the rear 16-bit MAC are stored separately in consecutive CAN data frames;
the R bit and the DP bit of the CAN data frame serve as identifiers: when the two bits are 11, the communication message continues to be received, and when the two bits are 10, the two newly received frames are verified;
the MACs of the two frames are extracted, merged and verified;
the verification method for data packets carrying a message verification code in step S2 specifically includes the following steps:
a: when the electric vehicle battery management system sends a multi-frame message, it first sends a request-to-send message to establish a virtual connection with the charging pile;
b: after receiving the request-to-send message, the charging pile system generates a 32-bit random number R, adds R to a reserved bit of the ready-to-send message, and sends the newly constructed ready-to-send message to the electric vehicle battery management system;
c: after receiving the ready-to-send message, the electric vehicle battery management system extracts the random number R contained in it and calculates its own message verification code MacB = Hash(data || S || R || countB); in the next data frame to be sent, it places the newly generated MacB into the rear 32 bits of the CAN data frame data field, constructs the data frame carrying the message verification code and sends it to the charging pile; each time a data frame carrying a message verification code is sent, the counter countB is updated as countB++; after the update, it checks whether all data frames have been sent; if not, the new counter countB is substituted into the message verification code formula to obtain a new MacB, and the steps are repeated until all data frames have been sent;
d: when the charging pile receives a data frame carrying a message verification code, the counter countA is incremented by 1, then the message verification code MacB and the message data contained in the data frame are extracted, the charging pile's own message verification code MacA = Hash(data || S || R || countA) is calculated and compared with the received MacB; if MacA = MacB holds, it is judged whether the received data frame is the last frame, and if not, the data message continues to be received; if MacA = MacB does not hold, the current identity verification fails; after all data frames are confirmed received, a new seed value newS = Hash(S || R || countA) is calculated, and the counter value countA is placed into a reserved bit of the end-response message and sent to the electric vehicle battery management system;
e: after the electric vehicle battery management system confirms that all data frames have been sent, it calculates a new shared seed value newS, the calculation formula being as follows: when receiving the end-response message, the electric vehicle battery management system extracts the counter countA contained in it and compares whether the two counter values are the same, that is, whether countA = countB holds; if so, the identity authentication is passed and both sides update the seed value S = newS; if not, the S and newS of the two sides are not synchronized, the counter countB must be set to 0, and the authentication process is restarted;
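The five-step exchange of steps a to e, simulated end to end as an added example (not the patent's own code): the charging pile issues R, the battery management system sends per-frame codes Hash(data || S || R || countB), the pile checks each against its own countA, and after the last frame both sides compare counters and derive newS = Hash(S || R || count). SHA-256 as Hash, 32-bit truncation of the per-frame code, and incrementing the counter before computing each code on both sides (so frame i uses count i on both ends) are assumptions of this example; the claim leaves that ordering open.

```python
import hashlib
import hmac
import secrets


def h(*parts: bytes) -> bytes:
    """Hash(...) of the concatenation; SHA-256 is this example's choice."""
    return hashlib.sha256(b"".join(parts)).digest()


def frame_mac(data: bytes, S: bytes, R: bytes, count: int) -> bytes:
    """Message verification code Hash(data || S || R || count), truncated to
    32 bits so it fits the rear 32 bits of a CAN data field."""
    return h(data, S, R, count.to_bytes(4, "big"))[:4]


class Bms:
    """Electric vehicle battery management system (the multi-frame sender)."""

    def __init__(self, S: bytes):
        self.S, self.R, self.countB = S, None, 0

    def on_ready_to_send(self, msg: dict) -> None:
        self.R = msg["R"]  # random number R from the pile's reserved bits
        self.countB = 0

    def data_frame(self, data: bytes) -> dict:
        # Assumption: increment before computing, on both sides.
        self.countB += 1
        return {"data": data, "mac": frame_mac(data, self.S, self.R, self.countB)}

    def on_end_response(self, msg: dict) -> bool:
        """Step e: counters must match; then S = newS, else reset countB."""
        if msg["countA"] == self.countB:
            self.S = h(self.S, self.R, self.countB.to_bytes(4, "big"))
            return True
        self.countB = 0
        return False


class ChargingPile:
    def __init__(self, S: bytes):
        self.S, self.R, self.countA = S, None, 0

    def ready_to_send(self) -> dict:
        """Step b: fresh 32-bit R per session, counter reset."""
        self.R, self.countA = secrets.token_bytes(4), 0
        return {"R": self.R}

    def on_data(self, frame: dict) -> bool:
        """Step d: countA++ then MacA = Hash(data || S || R || countA) == MacB."""
        self.countA += 1
        macA = frame_mac(frame["data"], self.S, self.R, self.countA)
        return hmac.compare_digest(macA, frame["mac"])

    def end_response(self) -> dict:
        """Step d, tail: newS = Hash(S || R || countA); countA goes back."""
        self.S = h(self.S, self.R, self.countA.to_bytes(4, "big"))
        return {"countA": self.countA}


def run_session(S: bytes, chunks: list, drop_index=None) -> tuple:
    """Run one multi-frame round; optionally drop one frame in transit.
    Returns (all frames verified, end response accepted, seeds still equal)."""
    bms, pile = Bms(S), ChargingPile(S)
    bms.on_ready_to_send(pile.ready_to_send())
    frames = [bms.data_frame(c) for c in chunks]
    verified = [pile.on_data(f) for i, f in enumerate(frames) if i != drop_index]
    end_ok = bms.on_end_response(pile.end_response())
    return all(verified), end_ok, bms.S == pile.S
```

A dropped or replayed frame shifts countA relative to countB, so the per-frame comparison fails from that point on and the end-of-round counter check fails too, which is what forces the countB reset and a fresh round with a new R.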
in step S3, the authentication of non-data packets specifically includes analyzing the security threats to three non-data packets, namely the request-to-send packet, the ready-to-send packet, and the message-end-response packet, and includes the following steps:
a: the charging pile generates a random number x with a length of 1 byte, then substitutes x into a mathematical equation of a certain complexity to calculate y, which also has a length of 1 byte; each time, the random number x and the calculated y are spliced into a random number r, which is added to a reserved position of the ready-to-send message and sent to the electric vehicle battery management system;
b: the electric vehicle battery management system splits the random number r into x and y and substitutes them into the same mathematical equation to verify the correctness of r; if r is verified correct, it judges whether r has already appeared among the used random numbers; if so, a replay attack is detected and the electric vehicle battery management system does not accept the message; if not, the message passes verification and the value of the random number r is recorded;
the mathematical equation of a certain complexity is ax + by = c, wherein the parameters a, b and c are determined by the shared seed S; the value of S is updated after one round of multi-frame message transmission is completed, and the corresponding values of a, b and c are updated accordingly.
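The non-data-packet check of steps a and b, as an added example that is not the patent's own code: the pile picks a 1-byte x, solves ax + by = c for the 1-byte y, and sends r = x || y; the battery management system re-evaluates the equation and then rejects any r it has already recorded. Deriving a, b, c from SHA-256(S), evaluating the equation modulo 256 with b forced odd so that every x has exactly one y, and clearing the used-r set when S rotates are assumptions of this example.

```python
import hashlib
import secrets
from typing import Optional

MOD = 256  # x and y are one byte each, so the equation is evaluated mod 256


def equation_params(S: bytes) -> tuple:
    """Derive (a, b, c) for a*x + b*y = c from the shared seed S. Taking them
    from Hash(S) is this example's assumption; b is forced odd so it is
    invertible mod 256 and every x has exactly one valid y."""
    d = hashlib.sha256(S).digest()
    return d[0], d[1] | 1, d[2]


def make_r(S: bytes, x: Optional[int] = None) -> bytes:
    """Charging pile side: pick a 1-byte x, solve the equation for y, and
    splice them into the 2-byte random number r = x || y."""
    a, b, c = equation_params(S)
    if x is None:
        x = secrets.randbelow(MOD)
    y = ((c - a * x) * pow(b, -1, MOD)) % MOD
    return bytes([x, y])


class NonDataVerifier:
    """BMS side: check the equation first, then reject any r seen before."""

    def __init__(self, S: bytes):
        self.S = S
        self.seen = set()

    def verify(self, r: bytes) -> str:
        if len(r) != 2:
            return "malformed"
        x, y = r[0], r[1]
        a, b, c = equation_params(self.S)
        if (a * x + b * y) % MOD != c:
            return "bad-equation"  # r was not produced under the shared S
        if r in self.seen:
            return "replay"        # well-formed r, but already used
        self.seen.add(r)
        return "ok"

    def update_seed(self, newS: bytes) -> None:
        """After a multi-frame round S changes, so a, b, c change with it.
        Clearing the used-r set on rotation is an assumption of this example."""
        self.S = newS
        self.seen.clear()
```

Two properties of this construction are worth keeping in mind when deploying it: with a 1-byte x there are only 256 distinct r values per seed, so the seed must rotate before the space is exhausted, and a linear equation mod 256 gives no secrecy for a, b, c once a few (x, y) pairs have been seen, so the replay protection rests on the recorded-r set and on rotating S, not on the equation being hard to solve.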
CN201910781588.1A 2019-08-23 2019-08-23 Security authentication method for communication protocol of charging pile and electric vehicle Active CN110545175B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910781588.1A CN110545175B (en) 2019-08-23 2019-08-23 Security authentication method for communication protocol of charging pile and electric vehicle

Publications (2)

Publication Number Publication Date
CN110545175A CN110545175A (en) 2019-12-06
CN110545175B true CN110545175B (en) 2022-08-26

Family

ID=68711913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910781588.1A Active CN110545175B (en) 2019-08-23 2019-08-23 Security authentication method for communication protocol of charging pile and electric vehicle

Country Status (1)

Country Link
CN (1) CN110545175B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202549B (en) * 2020-09-02 2023-03-21 深圳市车电网络有限公司 Charging management method, charging terminal data processing method and charging management platform data processing method
CN112216026A (en) * 2020-09-03 2021-01-12 北京握奇智能科技有限公司 Electric vehicle charging non-inductive payment method and system based on front-mounted OBU
CN112653559B (en) * 2021-01-04 2023-01-06 潍柴动力股份有限公司 Electric control unit starting method and device and storage medium
CN114670696A (en) * 2021-06-22 2022-06-28 北京新能源汽车股份有限公司 Charging control method and device, charging pile and electric vehicle
CN113810403B (en) * 2021-09-15 2023-02-14 国网湖北省电力有限公司恩施供电公司 Charging pile vulnerability detection method and detection device based on communication protocol
CN115550069B (en) * 2022-11-29 2023-05-09 国网电动汽车服务(天津)有限公司 Intelligent charging system of electric automobile and safety protection method thereof

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105637803A (en) * 2014-05-08 2016-06-01 松下电器(美国)知识产权公司 On-vehicle network system, fraud-detection electronic control unit, and method for tackling fraud
CN106503494A (en) * 2016-11-05 2017-03-15 福建省北峰电讯科技有限公司 Firmware protection unit and protection method for a microcontroller with on-chip flash memory
CN106790053A (en) * 2016-12-20 2017-05-31 江苏大学 A method for secure communication between ECUs in a CAN bus
CN109889333A (en) * 2019-01-24 2019-06-14 深圳忆联信息系统有限公司 Firmware data encryption method, device, computer equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes; Dennis K. Nilsson et al.; 2008 IEEE 68th Vehicular Technology Conference; 2008-09-24; Sections II-V *
A Secure In-Vehicle CAN Network Protocol Based on the AES-CCM Algorithm; Zhu Limin et al.; 《汽车技术》 (Automotive Technology); 2018-08-02; Sections 2-4 *

Also Published As

Publication number Publication date
CN110545175A (en) 2019-12-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant